Amid Russia-Ukraine conflict, KPRC 2 Investigates asked questions and got answers about the safety of American nuclear facilities

Safeguards are in place to prevent damage from physical and cyber attacks

When Russian forces seized control of a nuclear power plant in southeastern Ukraine, KPRC 2 wanted to know what type of safeguards are in place at U.S. facilities to repel an attack. We spoke with a former commissioner for the U.S. Nuclear Regulatory Commission and a University of Houston professor who is working on ways to produce nuclear energy in safer environments.

“From a security stand-point, it is a multi-layered defense,” said Jeffrey Merrifield, a former NRC commissioner who worked under Presidents Bill Clinton and George W. Bush.

According to the NRC, one of the main requirements for operators of nuclear reactors is the ability to successfully defend against what our government refers to as a Design-basis threat. A DBT is based on our government’s assessment of the tactics, techniques and procedures of foreign and domestic terrorist groups.

One of the ways our government checks whether nuclear plants can meet these threats is through something called a force-on-force inspection. According to the NRC, every three years nuclear power plants undergo a simulated attack. According to the NRC, this weeks-long process involves both tabletop exercises and a boots on-the-ground incursion that gets as close as possible to real-world conditions.

“This is unique, I am not aware of any other civilian facilities in the United States that have to do this type of testing,” said Merrifield.

University of Houston associate professor Dr. Stanko Brankovic also points out the buildings housing nuclear reactors are designed to withstand a myriad of catastrophes such as tornadoes, floods, hurricanes and earthquakes.

“The design of the nuclear reactors in the United States takes into account different catastrophic scenarios,” said Brankovic. “(They’re) very hard to penetrate and provides a tight ceiling where no gases can escape if there is some kind of incident happening in the reactor.”

Merrifield was a commissioner during the 9/11 attacks and said that prompted the Commission to also consider the possibility of planes flying into nuclear facilities.

“We demonstrated through significant investment of research dollars, about 40-million dollars, that these plants can withstand those kind of attacks,” said Merrifield.

The NRC also requires operators to have plans in place to defend against cyber-attacks, as well as how the facilities will work with local, state and federal agencies to respond to an emergency. The closest nuclear power plant to the Houston area is the South Texas Project in Matagorda County. STP provides power to 2-million homes. Officials at STP referred our questions about security and resiliency to the NRC.

The Texas Division of Emergency Management did send a statement to KPRC 2 regarding its response to potential nuclear disasters.

“TDEM participates in the planning and execution of federal and state mandated training and full participation and full-scale exercises with Texas nuclear power plants. TDEM activates the State Emergency Operations Center (SOC) and convenes the state’s Emergency Management Council which consists of 40 state agencies to coordinate the response in the event of a nuclear/radiological incident affecting local residents. At the request of local officials, the state provides assistance with evacuation, transportation, sheltering and mass care, agricultural and animal expertise, health and medical, as well as providing monitoring and decontamination assets. TDEM collaborates with the federal liaisons working alongside TDEM in the State Operations Center in support of local officials.”

The NRC also has an on-going inspection process to ensure all safety protocols are in place and followed at nuclear facilities.

“At all of the nuclear power plants across the United States there are on-site, resident inspectors. These are NRC inspectors who are there, available to tour, review the site procedures 24-hours a day,” said Merrifield.

In regards to the potential of cyber-attacks on nuclear facilities, the NRC did send KPRC 2 the following statement:

“The NRC has full confidence that U.S. nuclear power plant licensees are protecting their facilities against a cyber attack on the digital systems that provide for safety and security. The agency’s regulatory framework requires these licensees to implement a robust cyber-security program based on a defensive architecture and defense-in-depth protective strategies. Through the agency’s oversight program, cyber security inspections have been performed at all nuclear power plants to assess the effective implementation of these cyber security programs.”

The NRC also has several fact sheets regarding safety and oversight. You can read those fact sheets here.